I searched a bit in rom-files and found OEM_7x30_MODEM.cab. It contains a file "modem" which seems interesting in 2 ways.
First:
I'm a lazy man and enthusiast of analogism and think, that developers at microsoft are lazy too and reuse code : Is it possible, that the procedure to pack the data for modem into one file and encrypting it is the same then in backup procedure? Look at the file which starts with a xml part, describing the crypting algorithm for the payload.
Second (is a guess, inspired by the ver.ver file which has a 7.35.00 in it, exactly like the bootloader version ):
the packed and crypted parts of "modem" are unpacked to partition sdx3 on Lumia as adsp.mbn, amss.mbn and emmcboot.mbn, which could be the bootmodes called when a backup/restore runs.
So my question is: Could someone with a full unlocked lumia search through the files on the phone for a similar xml file, containing configuration for image encryption and what programs or processes call them?
are the certs on the phone refreshed every month with a new private key or refreshed using the same private key. If the latter is correct, then there is a chance that a cert is part of the backup encryption. If the private key changes, then it would impact, thats this is not a part of backup encryption, cause every backup older than the actual certificate becomes undecryptable, when the private key changes and no "master key" exists.
Regards
DonPromillo
I think these certs have only a public part. The encoding and decoding of the backup are probably working by getting the appropriate certs from an MSFT server at the start of an backup or restore action. The public certs are only for talking properly with different MSFT servers. I have not investigated this. This is just my educated guess. Maybe, if I have time, I will look into it later. If you have any specific questions that I may be able to answer, just ask.
I think these certs have only a public part. The encoding and decoding of the backup are probably working by getting the appropriate certs from an MSFT server at the start of an backup or restore action. The public certs are only for talking properly with different MSFT servers. I have not investigated this. This is just my educated guess. Maybe, if I have time, I will look into it later. If you have any specific questions that I may be able to answer, just ask.
Heathcliff74
A few post earlier he said he could make a backup without a network connection (unplugging the cable). This would mean the certs do have the private parts included?
my idea behind the question is the following, and I would to know, if my assumptions are logical:
I discovered, that in the backup process with zune all data sent between the phone and the zune-pc are scrambled before they reach the pc (I snooped the usb data stream and could find that the beginning of the usb data stream is the same as the beginning of the stored files in the zune backup folder)
So my assumption is, that scrampling the backup is done by phone. Furthermore, I can backup without any network connection, so all the things needed must be present on phone. If so, then if I'm able to identify the encryption process and it's parameters, I should be able to decrypt the stored files in zune backup folder too, provided, I were able to port that process to x86-procedures. And the last assumption: If I'm able to decrypt the backup files, it could be possible to edit these and re-encrypt the edited files. After that, they should be used to restore in normal restore process using zune.
Am I right?
DonPromillo
Quote:
Originally Posted by Heathcliff74
I think these certs have only a public part. The encoding and decoding of the backup are probably working by getting the appropriate certs from an MSFT server at the start of an backup or restore action. The public certs are only for talking properly with different MSFT servers. I have not investigated this. This is just my educated guess. Maybe, if I have time, I will look into it later. If you have any specific questions that I may be able to answer, just ask.
Heathcliff74
Quote:
Originally Posted by Briefcase
A few post earlier he said he could make a backup without a network connection (unplugging the cable). This would mean the certs do have the private parts included?
donpromillo,
Are you sure you can do this without network? I'm pretty sure this is not possible. Maybe you had Wifi and 3G disabled. But you say you were snooping the USB connection while you were making a backup. At that moment, the phone uses your PC to get an internet connection too. :P
So if you really want to test if all info is on the device, you should also disconnect your pc from the internet. If you have your phone in airplane mode and your pc has both wifi and ethernet disabled, you will probably get an error if you try to make a backup.
So if you really want to test if all info is on the device, you should also disconnect your pc from the internet. If you have your phone in airplane mode and your pc has both wifi and ethernet disabled, you will probably get an error if you try to make a backup.
If this is true - that means anyone who doesn't have a data connection can't make a backup of their phone... Surely Microsoft wouldn't allow that???
So, I've built ROM's for the Samsung Focus and for the HTC HD2. Both of these have flashing tools to allow us to flash the fancy new ROM's we built to our phones. If we have the unlocked bootloader can't we just rebuild the esco and flash that with QPST? Or is there something I am missing? Building the Lumia ROM in OSBuilder seems to be the same as other devices. So if I just take the .nb that is built and rename it boot.img then add that to a zip and then rename that zip bla_bla_rom.esco will that not work? Or is there something more? Does the Qualcomm bootloader still need signed files of some sort? I ask this becuase if we can do it this way then we won't have the Live services activation issues as well ass the other odd problems plus it is just way more end user friendly.
Why not? When was the last time you saw a smart phone with no connection at all (not Wifi, no 3G and not ethernet over USB)??
Good point. But I figured there is a possibility someone may not have a data connection and need to create a backup... If it was me, I wouldn't disallow people in those circumstances to backup their phone... But maybe Microsoft is different.
Quote:
Originally Posted by lilstevie
The backup is done in SCDL so wifi and 3G of the device would be disabled anyway
I may be wrong, but I think Heathcliff74's point is that the cert-checking is done before the phone enters this mode.
Good point. But I figured there is a possibility someone may not have a data connection and need to create a backup... If it was me, I wouldn't disallow people in those circumstances to backup their phone... But maybe Microsoft is different.
I may be wrong, but I think Heathcliff74's point is that the cert-checking is done before the phone enters this mode.
As far as I know, there is no real backup procedure available for Windows Phone, The way all current backup tools work by fake firmware update, which actually initiate zune to create a restore point. So, this entire process related to firmware update via zune, which actually required internet connection.
PS: I will try a offline backup today, will update the result.
XDA Developers was founded by developers, for developers. It is now a valuable resource for people who want to make the most of their mobile devices, from customizing the look and feel to adding new functionality. Are you a developer?
Introducing XDA:DevCon – A Conference For Developers By Developers
>
DEV ONLY - NAND access + Full Unlock for Lumia 710 & 800
Print
Email
.gif "Germany - O2 (Viag Interkom)")
View Profile
View Forum Posts
Follow on Twitter
View GitHub profile
Visit Homepage
View Facebook page
Linear Mode
